Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/s3UxVdUozEvFZ93HyJWa1LmlaZw.roa
File: s3UxVdUozEvFZ93HyJWa1LmlaZw.roa (raw, json)
Hash identifier: jvB8clkrQ7YKNfkm0xVkPk41fHhah4IPYujp+rpHoUg=
Subject key identifier: B3:75:31:55:D5:28:CC:4B:C5:67:DD:C7:C8:95:9A:D4:B9:A5:69:9C
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CFBDF3E0B92DAA97A856545AEB2942A72
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/s3UxVdUozEvFZ93HyJWa1LmlaZw.roa
Signing time: Fri 12 Jan 2024 04:12:40 +0000
ROA not before: Fri 12 Jan 2024 04:12:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fb:df:3e:0b:92:da:a9:7a:85:65:45:ae:b2:94:2a:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 12 04:12:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3753155d528cc4bc567ddc7c8959ad4b9a5699c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:69:c1:56:cf:70:f3:79:e4:77:98:e0:96:8a:
1f:dc:4e:34:83:60:d1:be:56:f5:84:f0:0c:28:88:
c8:cd:52:f3:9d:15:94:f8:29:f5:80:ed:e8:73:a0:
d3:26:57:29:fc:6a:59:b1:13:a7:01:ce:06:ce:49:
c5:13:24:82:b4:cc:08:73:f9:b5:0b:69:c1:46:52:
73:a1:68:b7:7d:2f:28:06:a6:9b:34:74:98:31:7f:
80:64:8a:98:e0:79:c2:ee:79:41:a7:3a:3c:75:9a:
1f:9c:03:a1:03:ed:cc:94:2c:43:a8:78:c7:48:4d:
0b:16:90:15:15:2f:ea:62:7d:a1:0c:bf:6e:a5:a3:
c7:ef:fc:09:8c:55:3e:43:a3:bb:fc:53:0d:54:d5:
7b:da:88:f1:ac:a4:59:f8:93:d3:0d:0e:fa:e2:09:
cb:bd:bf:ce:cf:f2:8b:ff:ce:ec:73:17:26:80:31:
f3:59:26:3b:d4:fc:44:de:a7:08:59:de:99:5c:4a:
ea:ab:a1:16:d9:8b:77:8a:ec:50:ab:f8:64:59:cc:
63:7c:8c:02:ad:22:dc:50:5a:d6:0d:f5:bf:5a:65:
cb:5a:d4:54:5e:23:32:b5:d1:f2:00:7d:92:2d:cb:
59:48:62:c5:c1:cc:3f:43:d1:6d:b8:b6:a9:bb:c9:
92:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:75:31:55:D5:28:CC:4B:C5:67:DD:C7:C8:95:9A:D4:B9:A5:69:9C
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/s3UxVdUozEvFZ93HyJWa1LmlaZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
76:0b:88:47:bf:04:5e:b7:bc:61:f2:1d:83:5c:c4:31:f8:7a:
f5:a8:61:27:b6:51:76:99:6a:68:45:63:e8:f7:7f:e0:df:9c:
6a:12:81:d4:6e:ee:dd:7c:34:d6:ba:c0:5e:4b:ab:59:07:db:
72:72:64:62:27:15:1f:af:23:a0:14:50:e2:7f:8e:09:91:98:
c3:72:3d:1c:44:ac:be:4e:d5:92:f2:fd:5a:dd:9b:4f:8a:19:
cc:7d:71:21:18:71:7d:c9:80:0d:b1:5f:5e:d5:50:a7:96:c2:
98:57:60:4b:e1:d6:39:06:2f:56:2f:ee:06:16:e0:87:08:16:
01:e9:c2:a2:db:e6:3c:e4:3b:3e:80:b2:30:0e:31:3f:df:bc:
49:32:b3:a5:0e:09:70:4a:9b:e9:3e:8e:0a:fd:a4:cc:92:18:
4c:2d:ad:d5:43:b5:39:39:44:c0:16:99:b0:14:d3:94:8e:4e:
3f:38:a6:29:21:a0:0e:fe:6c:c0:63:a6:17:a1:27:e6:71:fe:
cd:00:01:58:32:aa:f4:67:9d:4b:1c:3f:05:25:9c:cc:6b:b7:
e6:ad:e2:07:d0:b9:25:76:34:31:31:97:df:9f:93:f3:eb:51:
1b:7e:ac:16:dd:25:4e:da:0b:06:b2:73:bf:54:8e:55:70:2c:
ec:4d:9e:cd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYz73z4LktqpeoVlRa6ylCpyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTEyMDQxMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzc1MzE1NWQ1MjhjYzRiYzU2N2RkYzdjODk1OWFkNGI5YTU2OTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmnBVs9w83nkd5jgloof3E40g2DR
vlb1hPAMKIjIzVLznRWU+Cn1gO3oc6DTJlcp/GpZsROnAc4GzknFEySCtMwIc/m1
C2nBRlJzoWi3fS8oBqabNHSYMX+AZIqY4HnC7nlBpzo8dZofnAOhA+3MlCxDqHjH
SE0LFpAVFS/qYn2hDL9upaPH7/wJjFU+Q6O7/FMNVNV72ojxrKRZ+JPTDQ764gnL
vb/Oz/KL/87scxcmgDHzWSY71PxE3qcIWd6ZXErqq6EW2Yt3iuxQq/hkWcxjfIwC
rSLcUFrWDfW/WmXLWtRUXiMytdHyAH2SLctZSGLFwcw/Q9FtuLapu8mSywIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLN1MVXVKMxLxWfdx8iVmtS5pWmcMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvczNVeFZkVW96RXZGWjkzSHlKV2ExTG1sYVp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHYLiEe/BF63vGHyHYNc
xDH4evWoYSe2UXaZamhFY+j3f+DfnGoSgdRu7t18NNa6wF5Lq1kH23JyZGInFR+v
I6AUUOJ/jgmRmMNyPRxErL5O1ZLy/Vrdm0+KGcx9cSEYcX3JgA2xX17VUKeWwphX
YEvh1jkGL1Yv7gYW4IcIFgHpwqLb5jzkOz6AsjAOMT/fvEkys6UOCXBKm+k+jgr9
pMySGEwtrdVDtTk5RMAWmbAU05SOTj84pikhoA7+bMBjphehJ+Zx/s0AAVgyqvRn
nUscPwUlnMxrt+at4gfQuSV2NDExl9+fk/PrURt+rBbdJU7aCwayc79UjlVwLOxN
ns0=
-----END CERTIFICATE-----
Generated at Sun Jun 8 14:18:33 2025 by rpki-client